Nato has confirmed that it is currently establishing cyber as a legitimate military domain, in which an online attack against a member nation could be considered an attack on all 29 allies.
The military alliance’s secretary general, Jens Stoltenberg, made the remarks at a press conference in Brussels yesterday ahead of a meeting of Nato defense ministers.
He said the alliance was “in the process of establishing cyber” as a domain alongside land, sea and air, meaning a cyber-attack could theoretically trigger Article 5 the part of its treaty related to collective defense.
However, the likelihood of being able to invoke Article 5 against a nation state attacker is complicated by the problem of attribution.
Nevertheless, Stoltenberg argued that cyber was an increasingly vital element of modern operations, as highlighted by WannaCry and the ‘Petya’ outbreak this week.
“We are implementing our cyber-defense pledge which is ensuring that we are strengthening the cyber-defenses of both Nato networks but also helping Nato allies to strengthen their cyber-defenses. We exercise more, we share best practices and technology and we also work more and more closely with all allies looking into how we can integrate their capabilities, strengthening Nato’s capability to defend our networks,” he added.
“All of this highlights the advantage of being an alliance of 29 allies because we can work together, strengthen each other and and learn from each other.”
Stoltenberg claimed the organization was also helping Ukraine improve its cyber-defenses.
The country has been rocked by several major attacks on critical infrastructure since its war with Russia began.
These have included stealthy APT attacks against power stations which caused blackouts for two successive winters.
It is also thought to have been ground zero in the recent ‘Petya’ attack campaign which led to ransomware causing widespread service outages in government organizations, utilities and more.
Microsoft claimed on Tuesday to have observed more than 12,500 machines in the country encounter the threat, with hackers booby-trapping an update for legitimate accounting software MEDoc to gain an initial foothold.
Nato has also experienced its fair share of attacks, being a favorite target of the infamous Fancy Bear/APT28 group linked to the Kremlin.